The Federal Bureau of Investigation (FBI) has flagged six Bitcoin wallets linked to North Korean state-backed hacking group Lazarus. The six wallets contain 1,580 Bitcoin worth $40 million believed to be hoarded from the various cryptocurrency hacks over the past year.
The FBI in its investigation found that the Lazarus group moved approximately 1,580 BTC linked with several crypto exploits. These funds are currently sitting in the following Bitcoin addresses:
The FBI warned crypto companies that the movement of funds linked to the infamous North Korean hacking group could be a sign that they are looking to sell. The federal investigation agency advised crypto companies to keep an eye out for the six BTC wallets and use blockchain data to keep track of any movement of funds.
“Private sector entities should examine the blockchain data associated with these addresses and be vigilant in guarding against transactions directly with, or derived from, the addresses.”
The North Korean hacking group has been actively involved in multiple crypto-linked exploits over the years, stealing billions of dollars worth of crypto assets. A recent report from TRM Labs suggests that the North Korean hackers have stolen nearly $2 billion in crypto since 2018. The group was most active in 2022, having stolen nearly $1 billion worth of crypto assets last year alone.
2022 saw some of the biggest decentralized finance (DeFi) exploits, and the Lazarus group was identified as the mastermind behind Harmony’s Horizon bridge and Sky Mavis’ $625 million hack on Ethereum-linked sidechain Ronin Bridge last year.
Although crypto-linked exploits due to code vulnerabilities in platforms and protocols have increased due to the sophistication in methods used by these hackers, blockchain technology still makes it problematic for exploiters to launder or move their ill-gotten gains, due to the public ledger that makes it possible to track the movement of funds.
Law enforcement agencies like the FBI, along with crypto companies, have worked on several occasions in the past to freeze funds linked to such exploits. Earlier in February this year, Huobi and Binance froze $1.4 million worth of crypto assets linked to North Korea. Similarly, $63 million worth of assets linked to the Harmony Bridge hack was also frozen by crypto exchanges.